crypt() in glibc/eglibc 2.17 now fails if passed

a salt that violates specs. On Linux, crypt() also fails with DES/MD5 salts in FIPS140 mode. Rather than exit() on NULL returns we send them back to the caller for appropriate handling.
2013-07-28 18:41:11 +02:00
parent a6769c050b
commit 52a38d5509
10 changed files with 65 additions and 12 deletions
--- a/lib/encrypt.c
+++ b/lib/encrypt.c
@@ -49,11 +49,10 @@
 	if (!cp) {
 		/*
 		 * Single Unix Spec: crypt() may return a null pointer,
-		 * and set errno to indicate an error.  The caller doesn't
-		 * expect us to return NULL, so...
+		 * and set errno to indicate an error. In this case return
+		 * the NULL so the caller can handle appropriately.
 		 */
-		perror ("crypt");
-		exit (EXIT_FAILURE);
+		return cp;
 	}

 	/* The GNU crypt does not return NULL if the algorithm is not